I'm happy to announce the release of mojoPortal CMS 2.3.9.0, available now on our download page.

What's New?

Full Support for HTML 5

New example skins based on Twitter bootstrap, and Zurb foundation, including better support for use of newer html 5 structural elements (like article, nav, and aside) configured from theme.skin. In these example skins we are using article and header for HTML Content and blog features and aside for page and blog side columns as well as nav to wrap the menus and paging links. There are some comments about the use of these elements as well as links to advice about their usage contained in the style.config file of the example skins. Studying the theme.skin files for these skins is a good way to learn about a lot of configuration options for layout and rendering that are not yet documented in detail elsewhere. These example skins are not prettied up, they are meant to be used as a starting point for designers who will pretty them up. Stay tuned for an announcement coming up soon about a new project for mojoPortal skins based on HTML 5, we will be looking for designers to participate in this project to help show off the full design potential of mojoPortal. The new example skins are in the extra-skins.zip file on our codeplex download page but later we will be moving them into the new project for HTML 5 Skins for mojoPortal where we hope to expand on the examples and get more designers involved.

We've also added support for LESS by integrating DotLess. .less files can be used in skins and will be combined and converted to CSS using DotLess by our CSS handler. We have one example skin based on Twitter bootstrap that uses raw .less files and one that uses only CSS. See the article Using HTML 5 with mojoPortal for more details.

We've also revamped most of the Administrative pages to make the markup more consistent and easier to style.

Support for Facebook Comments

We've added support for Using Facebook Comment System on pages and in the Blog as an alternative to our support for Disqus and IntenseDebate.
Requires adding this in layout.master file of the skin, just above the <form element:
<portal:FacebookSdk ID="fbsdk" runat="server" />
and a Facebook AppId must be entered either in Site Settings or in user.config

<add key="FacebookAppId" value="xxxxxxxxxxxxxx" /> 

The Blog also now supports showing related posts based on tags/categories.

Forum Improvements

Forum threads are now indexed as one item in the search index where previously each post was a separate item which could produce multiple search results for the same thread. Use of the new indexing approach requires adding this to user.config:
<add key="Forum:AggregateSearchIndexPerThread" value="true" />
and rebuilding the search index. I think this change has helped a lot on this site, it is much easier to find things in the forums now using search.

HTML Content Improvements

New options in Html Content feature to show the created date, created by, last modified date and last modified by.
New option for highlighting the differences in text when comparing a draft to the live version or when comparing to version history

Image Gallery Improvements

Added an option to use Nivo Slider in the image gallery.
Added a config setting to allow automatically deleting images if the image gallery instance is deleted. By default, it does not do that since you may have used image gallery images in other content.
To enable it, add this to user.config:
<add key="ImageGallery:DeleteImagesWhenModuleIsDeleted" value="true" />

Newsletter Improvements

Added button to re-send verification email for unverified addresses
Added functionality to allow opting in all site members to a newsletter if they have not previously opted out of any newsletters

Miscellaneous Improvements

Changed from RewriteUrl to Server.TransferRequest (based on a config setting and only works in Integrated Pipeline mode), this makes IIS log the friendly URL instead of the real URL (ie Default.aspx?pageid=x) making the IIS logs more useful. With the EU cookie law and growing use of Do Not Track, it is becoming more problematic to rely solely on google analytics for traffic analysis, we expect to see more people going back to log analysis.

Upgrade to the latest June 2012 release of AjaxcontrolToolkit. This also required new releases of Form Wizard Pro, Event Calendar Pro, and Web Invoice Pro because they must use the same version of the toolkit controls as mojoPortal. Customers who previously purchased these add-on features can download the latest version from their purchase history under "My Account"

Form Wizard Pro also has some new features including an HTML question type that shows a simple WYSIWYG editor, an Email question type that automatically validates email. A new option to send the submitter a copy of the form submission data, if enabled it will be sent to each email address from an Email question type on the form. There is also a new option to allow redirecting to a different page after the form is submitted instead of just showing the thank you message.

Add support for settings width of google and Bing maps using a percent instead of pixels
New sorting options on the member list page to allow sorting by join date so it is easy to find new members
Updated to the new Bing Search API

New provider plugin system for user profile updated handlers to allow custom code to execute when a user profile is updated (thanks to Huw Reddick).
New provider plugin system for user pre-delete handlers allows custom code to execute when a user is about to be deleted

Upgrade to TinyMCE 3.5.4
Upgrade to a nightly build of CKeditor to resolve a bug where the file browser dialog would not open in Chrome web browser

various minor improvements and bug fixes for things reported in the forums since the last release.

As always, it's a good idea to backup your site and database before upgrading and review the upgrading documentation.

Follow us on twitter or become a fan on Facebook

I'm happy to announce the initial release of Site Membership Pro, available now in the mojoPortal Store. Site Membership Pro is an add on product for mojoPortal that makes it easy to monetize access to your premium site content.

See the product page for full details. As with our other products, customers who purchase Site Membership Pro get free upgrades for the life of the product.

Follow us on twitter or become a fan on Facebook

I'm happy to announce the release of mojoPortal 2.3.8.5, available now on our download page.

What's New?

A new Control for Nivo Slider

Thanks to Matt Wilkinson who contributed a control that makes it easy to use Nivo Slider, a jQuery widget that does fancy slide show transistions. This control can be used in layout.master or in custom features. You basically add the control and point it to a folder that has images for the slide show. The images in the folder must all be the same size, and you must specify the width of the images on the control, so example usage is like this:

<portal:NivoSlider ID="NivoSlider1" runat="server" ImageFolder='~/Data/Sites/1/nivoimages' ImageWidth='618px' />

Then you also need to add one of these included skins for Nivo Slider to the style.config file of your skin:

<file cssvpath="/Data/style/nivoslider/default/default.css" imagebasevpath="/Data/style/nivoslider/default/">none</file>
<file cssvpath="/Data/style/nivoslider/orman/orman.css" imagebasevpath="/Data/style/nivoslider/orman/">none</file>

or you can copy and rename one of those and modify it as you like.

A new QRCodeImage control

QR Codes are often used in printed materials to encode an url for a web page. There are apps for most smart phones and tablets that can scan the QR Code and navigate to the web page. We've added this control in the "PrinterFriendly" skin so that if people print a page on your site using the printer friendly view a QR Code will be included at the bottom automatically.

Since we don't update the skins in the site specific folders during upgrades you may want to copy the new version of the printerfirendly skin from /Data/skins to /Data/Sites/[SiteID]/skins or you can add it directly to the layout.master of your copy like this:

<portal:QRCodeImage id="qr1" runat="server" AutoDetectPageUrl="true" />

You could also use this control in custom features, you can encode any text value, if you set AutoDetectUrl to false and add the attribute TextToEncode="Any text you want to encode as a QR Code" you could use it for other purposes. The control uses the google charts api to generate the QR code image so it can't work if you are offline or your site is on a private intranet with no access to the internet.

Lots of Little Improvements

There is a new section in Site Settings for Company Info as well as some convenience controls to make it easy to show company info in the footer of your site by embedding some new convenience controls in your layout.master file that will automatically pull in the compnay info from site settings. Examples:

<portal:OrganizationControl id="oc1" runat="server" /> will include the company info marked up with Schema.org Organization markup. There are also a few literal controls that can be used separately:
<portal:CompanyPhoneLiteral id="litPhone" runat="server" />
<portal:CompanyFaxLiteral id="litFax" runat="server" />
<portal:PublicEmail id="litEmail" runat="server" />

There is a new Site Created Event Handler Provider system (usage is yet to be documented), contributed by Joe Davis that allows you to plugin custom code that can execute when additional sites are created.

Blog Category list and Archive list views now use the same settings as the main post list so that they show full posts or excerpts in a paged list instead of just titles.

There is a new setting in Image Gallery to automatically start the colorbox slide show when the page loads.

In the html content feature users with full edit permission can now publish a draft without submitting it through the approval process.

Improved usability for user role management on manage user page.

Made role permissions UI in page settings consistent with module settings where the links are under the security tab for improved usability

Added support for content on the login page.

Added count of members to role list in role manager page

When using LDAP Authentication with fallback to database authentication it is now possible to allow the users with database accounts to login with their email address in addition to the loginname.

Added config settings to make it possible to control the cache duration for 301 redirects or to disable caching.

Restored previously removed support to use cache dependency files based on a config setting to support small web clusters with a shared drive, where dependency files are the easiest way to clear the cache on all the nodes that share the drive without having to use a distrubuted cache.

Added rel="next" and rel="prev" meta links on paged Forums and Lists features to improve the SEO of those features.

Added support for checkboxlist questions in custom user profile with example in comments in mojoProfile.config.

Upgraded from CKeditor 3.6.2 to 3.6.3

Upgraded from TinyMCE 3.4.7 to 3.4.9

Updated to newest version of jcarousel

Update to newer version of google data libraries

Added custom body css class on closed page to make it easier to style the closed page.

Removed un-needed css class from artisteer theme.skin files, was causing a problem in webstore layout where it did not use the full page width.

Bug Fixes

• fixed login, password recovery and registration issues when user exists but is flagged as deleted
• fixed bug in profileview.aspx where custom profile boolean properties were not showing the images for true or false
• fixed bug in PermissionEdit.aspx where All Users was not checked even if it was saved correctly in the database
• fixed incorrect parameter type for compiledmeta field in MySql data layer
• fixed bug in MySql data layer for database logging, incorrect parameter type
• fixed a bug in the blog where an auto-generated excerpt was being used in the post list even when explicitely created in the editor
• fixed bug in blog where detail view did not use the blogauthor override setting
• fixed bug in blog - option to show side pane content and top and bottom content should work in all blog supporting pages
• fixed bug where new user notification did not work in child sites when using related sites mode
• fixed a bug in the editors where the unsaved changes warning from spanish resources was causing CKeditor to not work at all and causing unsaved changes prompt to not work in TinyMCE
• fixed bug in SiteStatisiticsModule where it was hard coded to use 1 for the site id
• fixed bug in newsletter administration where paging did not work
• fixed bug in Flickr Gallery - don't specify a default size in flickr gallery script so it will not reduce image quality
• fixed bug - check for null on all paypal IPN paramaters in webstore
• fixed bug in webstore where media player was shown on offer detail page even when no teaser file was present

Follow us on twitter or become a fan on Facebook

I’m happy to announce the release of mojoPortal 2.3.8.1, available now on our download page.

What’s New?

Security Updates

Stronger password hashing for hashed password format. Previously we were using MD5 without salt, but now we use sha512 with a random 128 character salt per user. Existing users will be automatically updated to the stronger hash the next time they login.

For encrypted passwords we’ve also updated to use a 128 character random salt per user. Existing users will be updated with a salt the next time they login.

In version 2.3.7.6 we changed the SSL behavior to keep users in a secure session once they sign in. After the release we noticed that the canonical url was using https for secure requests and http for insecure requests which could affect SEO since the canonical url should not vary. We’ve changed it in this release such that if the page does not require SSL and the site does not require SSL for all pages, then the canonical url will use http, otherwise it will use https. This way it will be consistent and not vary to make sure there is no inconsistency if search engines happen to crawl the pages using https.

When a user’s roles are changed, the role cookie will now be updated automatically on the next authenticated page request. Previously, if you added a user to a role or removed him from a role he needed to logout and login again to get the new role cookie.

Usability Improvements

We’ve made the role permissions more clear on Page Settings and Feature Instance Settings. There has been some confusion in the past about a special case of permissions. By default Administrators and Content Administrators can access and edit any content without adding them to the allowed roles, but we had a special case where if you set the allowed roles to only Administrators then the content could be locked down to only Administrators and Content Administrators would no longer have access. In the past this has not been an obvious feature from the UI and users who did not know about that feature would mistakenly check the box for Administrators, accidently locking out Content Administrators. We’ve now made it more clear in the UI with radio buttons above the role lists for Page and Content View and Edit Permissions like this:

Note that if you want to lock some content down so that only Administrators can access it, you should set both the page view/edit permissions and the feature instance view/edit permissions to Only Administrators. Otherwise if you only secure the page, Content Administrators can still access the content instance from Content Manager outside the context of the page security.

A related change is that now if you have more than 20 roles, by default we use separate pages for page and feature instance permissions, and the site level permissions have been moved out of the Site Settings page into their own pages. This was done because of a change in behavior in ASP.NET after a recent security update. Now if a page is using postback with more than 1000 form elements, it causes an error, and we moved these things to reduce the number of form elements on a page because if you have a lot of roles the checkboxes for each role for each permission adds up to a lot of form elements and combined with other form elements on the site settings page and hidden elements used for viewstate some users were getting errors when they would save site settings due to too many form elements. There is a workaround to allow more form elements but we wanted to make it work without doing that so it seemed like a better idea to reduce the number of form elements by not having as many things all on one page. We also did some viewstate optimization to reduce un-needed viewstate in some features.

We also added paging to the /Admin/SecurityRoles.aspx page which shows the users for a given role, and we made the feature instance settings page use the same skin as the page when using page specific skins.

Blog Improvements

The blog now shows the post categories for a post in the post list and in the post detail. We’ve also implemented more of the Wordpress API, so in addition to being able to use Windows Live Writer, it is also now possible to use Wordpress clients such as the Blogsy app for iPad. I’ll be documenting that soon but basically you configure it as if you were using Wordpress.

Html Content Improvements

Several people have reported problems when trying to use javascript in the Html Content Feature, the WYSIWYG editors such as CKeditor and TinyMCE tend to do some “cleanup” on the markup which sometimes removed things that people intended to be there. In CKeditor for example you could get around it by saving while still in Html view, but the next time you opened the content in the editor it would run the “cleanup” and mess up your javascript. For content instances where you are using javascript and just want to edit the raw html without interferance from the WYSIWYG editor, you can go into the settings and un-check the box for “Use WYSIWYG Editor?”, and then it will just use a plain text area when you go to edit that content instance.

Most Additional Language Resource Files are Now In a Separate Download

As the number of translations and partial translations of resource files has grown over time, it has added to the size of the download, but more importantly it has increased the amount of time it takes for the ASP.NET compiler to compile the files for the initial request when a site is first started up, or the application pool is recycled such as when deploying an upgrade. Each of those .resx files is compiled by the ASP.NET compiler and over time as we have got so many of them it has become too much and it adds significant time to the initial site startup. So we now have a separate languagepack.zip that has the additional languages. You can copy the language resource files you need from there into your /App_GlobalResources folder. For those upgrading, you may already have a lot of existing resource files in that folder that you don’t need. My advice would be to delete the languages you are not supporting in your site from the /App_GlobalResources folder just before upgrading. Do not delete the English resource files though because those are needed for fallback when other languages have missing keys. The English files are named without a language code like Resource.resx and BlogResources.resx whereas other languages have a language code like Resource.ru.resx and BlogResources.ru.resx for Russian. The main package now only contains the resource files for English and Italian and the other languages are all in the languagepack.zip

WebStore Improvements

The way payment gateways was plugged in in the past for card processing gateways like Authorize.NET and PlugNPay was kind of a mess, it is now a true provider model so that new gateways can be implemented in separate assemblies (dlls) and plugged in by configuration, so it should be easier now to implement new gateways. I’ll be documenting this soon. It doesn’t affect PayPal or Google Checkout because those are special cases where we don’t process the credit card payment on our own site, it happens at the PayPal or Google Checkout site and those payment gateways can be used in addition to a standard card processing gateway where the user doesn’t leave your site to complete the transaction. The new provider model is only for standard card processing gateways.

There was also some redundancy with the old way we implemented Authorize.NET and PlugNPay, they each had their own separate log for logging transactions which was redundant and would have only become worse if we kept adding new logs for each new payment gateway, so we now have a consolidated payment log used by all standard card processing gateways (ie ones that implement IPaymentGateway provider). The upgrade script will migrate existing data form the old Authorize.NET and PlugNPay Logs. Since our add on features Web Invoice Pro and Event Calendar Pro also use the payment gateways, we have corresponding upgrades of those features and you should upgrade them at the same time as you upgrade mojoPortal to make sure that going forward new transactions are being logged in the new common payment log (Note that this really only matters if you’ve been using Authorize.NET in those add on products).

In WebStore it is now also possible to move an order from one site user to another one on the AdminOrderDetail.aspx page. I’ve needed to do this in the past when the user who completed the order no longer works at the company that purchased a product so a different user needed to be able to get the product updates.

Miscellaneous

The Feed Manager now supports relative urls for use with internal feeds using the ~/ syntax to represent the site root.

When using Folder based child sites with related sites mode, closing the master site now closes all the sites

FCKEditor has been removed and is no longer included with mojoPortal because it is no longer kept up to date and doesn’t work well with newer browsers. CKeditor is the new generation of FCKeditor and we’ve included both of them for quite a while. Note however, that if you are upgrading from an older version, the FCKeditor files are still on disk from previouse installation, we are not deleting files during upgrades, so if you really wanted to keep using FCKeditor you could re-enable it by using a custom configuration file to plug in FCKeditor. But, my advice is don't use it, it has problems in newer browsers like IE 9 anyway and CKEditor is a better product.

Fixed a bug where the Janrain Engage sign in system wasn’t working correctly when using multiple sites with related sites mode, we’ve also updated to the newer Janrain Engage widget code.

Fixed some issues with theme caching where it wasn’t always loading the correct theme.skin file when using page specific skins.

Fixed a problem where the SiteRoot was being cached as a property on SiteSettings and then used in various places to build urls. The problem was that if you were accessing the site with more than one url such as using a domain name and by ip address, the cached site root might not be correct for the context of a specific request. This property has now been deprecated and all places in mojoPortal where we were using it are now using SiteUtils.GetNavigationSiteRoot() to make sure the site root is calculated in the context of the current request.

I'm happy to announce the release of mojoPortal 2.3.7.6, available now on our download page.

The major highlight of this release are the new Audio Player and Video Player features contributed by our newest team member Kerry Doan.

Audio and Video Players

The New Audio and Video features based on jPlayer are also an exciting addition to the built-in feature set.

Huge thanks to Kerry Doan for his hard work on these features.

There are also several smaller improvements and bug fixes for things reported in the forums since the last release, and there is a change in behavior when using SSL. We no longer redirect out of SSL on pages marked as not requiring it for reasons discussed in the new document Use SSL.

Follow us on twitter or become a fan on Facebook